Uploaded image for project: 'eZ Publish / Platform'
  1. eZ Publish / Platform
  2. EZP-29814

eZSESSID cookie is set twice after logging in to Back Office

    XMLWordPrintable

Details

    Description

      After logging into the Back Office without any cookies set and Redis as a session handler the eZSESSID cookie is set twice.

      Steps to reproduce:
      1. Clean installation of eZ Platform v2 + Redis server
      2. Apache + libapache2-mod-php (It will not reproduce on nginx or mod_fcgi!)
      3. In default_parameters.yml set (you may to change save_path to match your Redis config):

      ezplatform.session.save_path: 'tcp://localhost:6379'
ezplatform.session.handler_id: ezplatform.core.session.handler.native_redis

      4. Clear cache
      5. Go to the Backoffice login page, don't log yet.
      6. Open browser devtools and delete all cookies.
      7. Log into the Backoffice.

      Result:
      The login_check request return response headers (example) with cookie set twice:

      Set-Cookie: eZSESSID21232f297a57a5a743894a0e4a801fc3=t6frat2ovajf4ku864ue43rg68; path=/; HttpOnly
      Set-Cookie: eZSESSID21232f297a57a5a743894a0e4a801fc3=b7jtqnhfc0g5idui2kdtqpuftc; path=/; HttpOnly
      Set-Cookie: eZSESSID98defd6ee70dfb1dea416cecdf391f58=b7jtqnhfc0g5idui2kdtqpuftc; path=/; httponly

      Expected result:
      A session cookie is only set once.

      Attachments

        1. Zrzut ekranu z 2018-11-23 09-18-40.png
          Zrzut ekranu z 2018-11-23 09-18-40.png
          138 kB

        Activity

          People

            Unassigned Unassigned
            mateusz.bieniek@ibexa.co Mateusz Bieniek
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: